#!/bin/bash

. ${TOOLKIT}-functions.sh

ubuntu_all_ciphers="
	aes128-ctr aes192-ctr aes256-ctr arcfour256 arcfour128 
	aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc 
	aes256-cbc arcfour
"

ciphers=$(jtconf sshd.ciphers 2>/dev/null || :)

[ "X$ciphers" = "X" ] && {
	getconfirm sshd.enable_all_ciphers && {
		echo "  sshd: enable ALL ciphers"
		ciphers=$(ssh -Q cipher 2>/dev/null || :)
		[ "X$ciphers" = "X" ] && {	# ssh does not support -Q option
			ciphers=$ubuntu_all_ciphers
		}
	}
}

[ "X$ciphers" != "X" ] && {
	echo "  sshd ciphers: " $ciphers
    	(
		echo "[sshd]"
		echo -n "  tmp_option_ciphers	Ciphers "
		comma=
		for cipher in $ciphers
		do
			echo -n "$comma$cipher"
			comma=","
		done
		echo
    	) >>$MODLOCALDB
}

exit 0
